
CLAIMS 

A method of controlling access to records stored in a database, said method 
comprising: 

^defining at least one expression associated with at least one record of said 
database; 

evaluating said at least one expression for said at least one record; and 

allowirrg access to said at least one record based on said evaluating of 
said at least one expression. 

2. A method as recited\n claim 1, wherein said at least one expression is a 
calculation expression th\t can be evaluated at least partly based on a value of at 
least one field of said at lea\t one record. 



3. A method as recited in claim l\ wherein said at least one expression is a 
calculation expression that can be eyaluated at least partly based on at least one 
state variable of said database. 



4. A method as recited in claim 1, 

wherein said at least one expression ca\be defined based on fields and 
state variables of said database, and 

wherein said evaluating operates to return otaiy one of two possible 
values, one of said possible values indicating that access to said at least one 
record should be granted, and the other one of said possible values indicating 
that access to said at least one record should be denied. 



5. A method as recited in claim 1, wherein said evaluation is performed only 
when a request to access said at least one record has been received. 
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^6. A method as recited in claim 1, wherein said defining of said at least one 
expression defines access privileges for a user of said database with respect to 
accessing one or more records of said database. 

7. A method as recited in claim 1, wherein said defining of said at least one 
expression (operates to define access privileges for a user of said database with 
respect to at least one operation that can be performed on one or more records 
of said database^ 

8. A method as recited in claim 1, 

wherein said denying of said expression defines access privileges for at 
least one user of said database with respect to access to one or more records in 
said database, and \ 

wherein said defining of\said expression operates to define access 
privileges with respect to at leastWie operation that may be requested to be 
performed by said at least one useron one or more records of said database. 

9. A method as recited in claim 8, wherein said at least one user is assigned a 
password that is associated with said expression. 

10. A method as recited in claim 1, wherein access to said at least one record 
can be for browsing, editing, or deleting of said atNleast one record. 

1 1 . A method of controlling access to records stored in la database, said method 
comprising: \ 

identifying a password that is associated with one orViore users of said 
database; \ 
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\ defining a calculation expression for said identified password, said 
calculation expression defining access privileges of said one or more users with 
respect\o at least one operation that may be requested to be performed by said 
one or mVe users on one or more records of said database; 

receiving a request to perform said at least one operation on one or more 
records of saia\database, said request being identified as a request made by said 
one or more users associated with said password; 

evaluating s^id calculation expression when said request has been 
received; said evaluation returning only one of two possible values, one of said 
possible values indicating that said at least one operation should be granted and 
another one of said possible values indicating that said at least one operation 
should be denied; \ 

granting said at least o\e operation to be performed when said evaluation 
returns one said possible value to indicate that said at least one operation should 
be granted; and \ 

denying said at least one operation to be performed when said evaluation 
returns one said another possible valuqto indicate that said at least one 
operation should be denied. \ 

12. A method as recited in claim 1 1, whereinvsaid at least one operation can be 
a browse, an edit, or a delete operation. \ 

13. A method as recited in claim 1 1, wherein said calculation expression is not 
explicitly defined for said at least one operation but said calculation expression is 
one that has been defined for another operation which r^as been considered as a 
related operation to said at least one operation. \ 
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"M.^A method as recited in claim 1 1, 

Wherein said calculation expression can be evaluated at least partly based 
on a valukof at least one field of said at least one record, and 

wherein said calculation expression can be evaluated at least partly based 
on at least one state variable of said database. 

15. A method as recited in claim 14, wherein said method further comprises: 

granting temporarV or limited access to said at least one record to allow 
said evaluating of said calculation expression. 

16. A database system, said database system comprising: 

a database having one or mVe records stored therein; 

a database program including^ Graphical User Interface that can be used 
to facilitate operations on said one or more records stored in said database; and 

wherein said Graphical User Interrace operates to facilitate defining 
access privileges with respect to said one o\ more records stored in said 
database. \ 

1 7. A database system as recited in claim 16, wnerein said Graphical User 
Interface operates to provide the ability for a user of said database to define an 
expression associated with at least one operation that may be requested to be 
performed by another user of said database on said oloe or more records stored 
in said database. \ 

18. A database system as recited in claim 16, wherein saidVUraphical User 
Interface operates to provide the ability for a user to define said expression 
without requiring said user to write a programming script. \ 

\ 

\ 
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^9\A database system as recited in claim 16, 

wherein said Graphical User Interface provides a window that allows a 
user toViteract with said Graphical User Interface to identify a password for 
which access privileges may be defined or re-defined. 

20. A database System as recited in claim 19, wherein said Graphical User 
Interface further provides a window that allows a user to specify a calculation 
expression which defines access privileges with respect to at least one operation 
that may be requesteosto be performed on said one or more records. 

21 . A database system as refcited in claim 20, wherein said at least one operation 
can be a browse, edit, or a delete operation. 



22. A database system as recited irVclaim 20, 

15 wherein said calculation expression can be evaluated at least partly based 

on a value in at least one field of said one or more records of said database, and 

wherein said calculation expression can be evaluated at least partly based 
on at least one state variable of said databas 



20 23. A database system as recited in claim 16, whferein said database program 

operates to determine whether access to at least orr^ of said one or more records 
should be granted or denied. 



24. A database system as recited in claim 23, wherein saiaVletermining of 
25 whether access to said at least one record should be granted \>r denied is 

performed by evaluating a calculation expression for said at lea^t one of said one 
record. 
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25. A database system as recited in claim 24, 

\ wherein access to said at least one record is granted only when said 
deternVining determines that access should be granted, and 

wherein access to said at least one record is denied when said 
determining^determines that access should be denied for said record. 

26. A database system as recited in claim 24, wherein said access to said at least 
one record can be for browsing, editing, or deleting of said record. 

27. A database system a\ recited in claim 24, 

wherein said database system further comprises a cache, and 

wherein said cache operates to store an evaluated result of at least one 
calculation expression. \ 

28. A computer readable medium including computer program code for 
controlling access to records stored in\a database, said computer readable 
medium comprising: \ 

computer program code for defining at least one expression associated 
with at least one record of said database; \ 

computer program code for evaluating said at least one expression for 
said at least one record; and \ 

computer program code for allowing or denying access to said at least 
one record based on said evaluating of said at least orie expression. 

29. A computer readable medium as recited in claim 28, \ 

wherein said at least one expression can be defined based on fields and 
state variables of said database, and \ 
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wherein said evaluating operates to return only one of two possible 
values,\}ne of said possible values indicating that access should be granted and 
another or\e of said possible values indicating that access should be denied. 
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30. A computer readable medium as recited in claim 28, 

wherein said opfining of said expression is made to define access 
privileges of at least ome user of said database with respect to access to one or 
more records of said dataoase, and 

wherein said defining \>f said expression operates to define access 
privileges with respect to at least one operation that may be requested to be 
performed by said at least one useKon one or more records of said database. 



15 



31. A computer readable medium as recited in claim 28, wherein said at least 
one user is assigned a password that is assorted with said expression. 

32. A computer readable medium as recited in clakm 28, wherein access to said 
at least one record can be for browsing, editing, or deleting of said at least one 
record. 
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